This app supports executing various endpoint-based investigative and containment actions on an SSH endpoint.
Supported Actions
- test connectivity: Validates endpoint connection
- execute program: Executes a program on the remote machine
- list connections: Lists all the network connections. Requires root privileges. Requires netstat to be installed
- block ip: Add an iptables rule to the Linux server. Requires root privileges. Not supported on OS X
- list firewall rules: Lists the rules in iptables. Requires root privileges. Not supported on OS X
- delete firewall rule: Delete a firewall rule. Requires root privileges. Not supported on OS X
- reboot system: Reboot the endpoint (Requires root privileges)
- shutdown system: Shut down the endpoint (Requires root privileges)
- terminate process: Terminate a process (Requires root privileges)
- logoff user: Log out a user on the endpoint (Requires root privileges)
- list processes: List processes on endpoint
- get disk usage: Retrieve disk usage from endpoint
- get memory usage: Retrieve memory usage from endpoint
- get file: Retrieve a file from the endpoint and save it to the vault
- put file: Put a file from the vault to another location